← Back to all feeds

🛡️ Suricata Rules

IDS/IPS rules generated from our threat intelligence. Deploy these rules in your Suricata installation to detect and block known threats.

Available Rule Files

Rules are updated hourly and organized by date

Loading rules...

How to Use Suricata Rules

Installation:

# Download latest rules
wget https://www.check-the-sum.fr/feeds/suricata/suricata_$(date +%d_%m_%Y).rules

# Copy to Suricata rules directory
sudo cp suricata_*.rules /etc/suricata/rules/

# Update suricata.yaml to include the rules
sudo nano /etc/suricata/suricata.yaml

# Reload Suricata
sudo suricata-update
sudo systemctl restart suricata

Automation:

#!/bin/bash
# Add to crontab: 0 * * * * /path/to/update-suricata-rules.sh

wget -q https://www.check-the-sum.fr/feeds/suricata/suricata_$(date +%d_%m_%Y).rules -O /tmp/cts-rules.rules

if [ -s /tmp/cts-rules.rules ]; then
  cp /tmp/cts-rules.rules /etc/suricata/rules/checkthesum.rules
  suricatasc -c reload-rules
fi